poke-gate 0.3.1 → 0.3.3

package/.github/copilot-desktop.yml

@@ -0,0 +1,8 @@
+scripts:
+- name: xcode-build
+  command: cd "clients/Poke macOS Gate" && xcodebuild -scheme "Poke macOS Gate" -configuration Debug -destination 'platform=macOS' build | xcpretty || xcodebuild -scheme "Poke macOS Gate" -configuration Debug -destination 'platform=macOS' build
+- name: xcode-run-simulator
+  command: cd "clients/Poke macOS Gate" && xcodebuild -scheme "Poke macOS Gate" -configuration Debug -destination 'platform=macOS' build && APP_PATH=$(find ~/Library/Developer/Xcode/DerivedData -name "Poke macOS Gate.app" -type d 2>/dev/null | head -1) && [ -n "$APP_PATH" ] && open "$APP_PATH"
+automation:
+  auto_pr_review: false
+  auto_issue_session: true

package/clients/Poke macOS Gate/Poke macOS Gate/GateService.swift

@@ -507,13 +507,17 @@ class GateService: ObservableObject {
 
         proc.executableURL = URL(fileURLWithPath: "/bin/zsh")
         proc.arguments = ["-c", "\(npxBin) -y poke-gate@latest --verbose"]
-        proc.environment = ProcessInfo.processInfo.environment.merging(
+        var environment = ProcessInfo.processInfo.environment.merging(
             [
                 "PATH": fullPath,
                 "POKE_GATE_PERMISSION_MODE": permissionMode.rawValue,
             ],
             uniquingKeysWith: { _, new in new }
         )
+        if let token = resolveToken() {
+            environment["POKE_API_KEY"] = token
+        }
+        proc.environment = environment
         proc.standardOutput = pipe
         proc.standardError = pipe
         proc.currentDirectoryURL = FileManager.default.homeDirectoryForCurrentUser
@@ -556,7 +560,7 @@ class GateService: ObservableObject {
     private func killOrphanedProcesses() {
         let task = Process()
         task.executableURL = URL(fileURLWithPath: "/usr/bin/pkill")
-        task.arguments = ["-f", "node.*poke-gate.*app\\.js"]
+        task.arguments = ["-f", "node .*((poke-gate.*app\\.js)|(\\.bin/poke-gate))"]
         try? task.run()
         task.waitUntilExit()
     }

package/clients/Poke macOS Gate/Poke macOS Gate.xcodeproj/project.pbxproj

@@ -286,7 +286,7 @@
 					"@executable_path/../Frameworks",
 				);
 				MACOSX_DEPLOYMENT_TARGET = 15.0;
-				MARKETING_VERSION = 0.3.0;
+				MARKETING_VERSION = 0.3.2;
 				PRODUCT_BUNDLE_IDENTIFIER = "dev.fka.Poke-macOS-Gate";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				REGISTER_APP_GROUPS = YES;
@@ -322,7 +322,7 @@
 					"@executable_path/../Frameworks",
 				);
 				MACOSX_DEPLOYMENT_TARGET = 15.0;
-				MARKETING_VERSION = 0.3.0;
+				MARKETING_VERSION = 0.3.2;
 				PRODUCT_BUNDLE_IDENTIFIER = "dev.fka.Poke-macOS-Gate";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				REGISTER_APP_GROUPS = YES;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "poke-gate",
-  "version": "0.3.1",
+  "version": "0.3.3",
   "description": "Expose your machine to your Poke AI assistant via MCP tunnel",
   "type": "module",
   "bin": {

package/src/app.js

@@ -1,7 +1,8 @@
 import { startMcpServer, enableLogging, getPermissionMode } from "./mcp-server.js";
 import { startTunnel } from "./tunnel.js";
 import { startAgentScheduler, stopAgentScheduler } from "./agents.js";
-import { Poke, isLoggedIn, login, getToken } from "poke";
+import { sendToWebhook } from "./webhook.js";
+import { ensurePokeAuthenticated } from "./poke-auth.js";
 import { execSync } from "node:child_process";
 
 const verbose = process.argv.includes("--verbose") || process.argv.includes("-v");
@@ -11,8 +12,28 @@ function killExistingInstances() {
   const myPid = process.pid;
   const ppid = process.ppid;
   try {
-    const out = execSync("pgrep -f 'node.*poke-gate.*app\\.js'", { encoding: "utf-8" }).trim();
-    const pids = out.split("\n").map(Number).filter((p) => p && p !== myPid && p !== ppid);
+    const out = execSync("ps -axo pid=,ppid=,command=", { encoding: "utf-8" }).trim();
+    const pids = out
+      .split("\n")
+      .map((line) => {
+        const match = line.trim().match(/^(\d+)\s+(\d+)\s+(.+)$/);
+        if (!match) return null;
+        const [, pid, parentPid, command] = match;
+        return { pid: Number(pid), parentPid: Number(parentPid), command };
+      })
+      .filter((processInfo) => {
+        if (!processInfo || processInfo.pid === myPid || processInfo.pid === ppid || processInfo.parentPid === myPid) return false;
+        return (
+          processInfo.command.includes("node ") &&
+          processInfo.command.includes("poke-gate") &&
+          (
+            processInfo.command.includes("app.js") ||
+            processInfo.command.includes(".bin/poke-gate") ||
+            processInfo.command.includes("/bin/poke-gate")
+          )
+        );
+      })
+      .map(({ pid }) => pid);
     for (const pid of pids) {
       try { process.kill(pid, "SIGTERM"); } catch {}
     }
@@ -30,17 +51,7 @@ function sleep(ms) {
 }
 
 async function ensureAuthenticated() {
-  if (!isLoggedIn()) {
-    log("Signing in to Poke...");
-    await login();
-  }
-
-  const token = getToken();
-  if (!token) {
-    throw new Error("Authentication failed: no token returned by Poke SDK.");
-  }
-
-  return token;
+  return ensurePokeAuthenticated({ onLogin: () => log("Signing in to Poke...") });
 }
 
 let currentTunnel = null;
@@ -59,6 +70,7 @@ async function connectWithRetry(mcpUrl, token) {
 
       const { tunnel } = await startTunnel({
         mcpUrl,
+        token,
         onEvent: (type, data) => {
           switch (type) {
             case "connected":
@@ -67,7 +79,7 @@ async function connectWithRetry(mcpUrl, token) {
               reconnectWatchdog = null;
               log(`Tunnel connected (${data.connectionId})`);
               log("Ready — your Poke agent can now access this machine.");
-              notifyPoke(data.connectionId, token);
+              notifyPoke(data.connectionId);
               startAgentScheduler();
               break;
             case "disconnected":
@@ -153,11 +165,10 @@ function buildAccessModeMessage(mode) {
   }
 }
 
-async function notifyPoke(connectionId, token) {
+async function notifyPoke(connectionId) {
   try {
     const mode = getPermissionMode();
-    const poke = new Poke({ token });
-    await poke.sendMessage(
+    await sendToWebhook(
       `Hey! I've connected my computer to you via Poke Gate (tunnel: ${connectionId}). ` +
       `${buildAccessModeMessage(mode)} ` +
       `Just use the tools whenever I ask you to do something on my computer. ` +

package/src/mcp-server.js

@@ -847,12 +847,29 @@ function readBody(req) {
   });
 }
 
+function writeMcpEventStream(req, res) {
+  const sessionId = extractSessionId(req);
+  res.writeHead(200, {
+    "Content-Type": "text/event-stream",
+    "Cache-Control": "no-cache, no-transform",
+    Connection: "keep-alive",
+    "Mcp-Session-Id": sessionId,
+  });
+  res.write(": connected\n\n");
+
+  const keepAlive = setInterval(() => {
+    res.write(": keepalive\n\n");
+  }, 25_000);
+
+  req.on("close", () => clearInterval(keepAlive));
+}
+
 export function startMcpServer(port = 0) {
   return new Promise((resolve, reject) => {
     const httpServer = http.createServer(async (req, res) => {
       res.setHeader("Access-Control-Allow-Origin", "*");
       res.setHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, OPTIONS");
-      res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, Mcp-Session-Id, Accept");
+      res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, Mcp-Session-Id, Accept, X-Poke-User-Id");
       res.setHeader("Access-Control-Expose-Headers", "Mcp-Session-Id");
 
       if (req.method === "OPTIONS") {
@@ -863,12 +880,27 @@ export function startMcpServer(port = 0) {
 
       const url = new URL(req.url, "http://localhost");
 
+      if (url.pathname === "/mcp" && req.method === "GET") {
+        const accept = req.headers.accept || "";
+        if (accept.includes("text/event-stream")) {
+          writeMcpEventStream(req, res);
+        } else {
+          res.writeHead(405, { "Content-Type": "text/plain", Allow: "POST, OPTIONS" });
+          res.end("MCP endpoint expects POST, or GET with Accept: text/event-stream");
+        }
+        return;
+      }
+
       if (url.pathname === "/mcp" && req.method === "POST") {
         try {
           const body = await readBody(req);
           const parsed = JSON.parse(body);
 
           const sessionId = extractSessionId(req);
+          const responseHeaders = {
+            "Content-Type": "application/json",
+            "Mcp-Session-Id": sessionId,
+          };
 
           if (Array.isArray(parsed)) {
             const results = [];
@@ -878,17 +910,17 @@ export function startMcpServer(port = 0) {
               const resolved = r instanceof Promise ? await r : r;
               if (resolved) results.push(resolved);
             }
-            res.writeHead(200, { "Content-Type": "application/json" });
+            res.writeHead(200, responseHeaders);
             res.end(JSON.stringify(results));
           } else {
             const m = { ...parsed, __context: { sessionId } };
             let result = handleJsonRpc(m);
             if (result instanceof Promise) result = await result;
             if (result) {
-              res.writeHead(200, { "Content-Type": "application/json" });
+              res.writeHead(200, responseHeaders);
               res.end(JSON.stringify(result));
             } else {
-              res.writeHead(204);
+              res.writeHead(204, { "Mcp-Session-Id": sessionId });
               res.end();
             }
           }

package/src/poke-auth.js

@@ -0,0 +1,25 @@
+import { getToken, isLoggedIn, login } from "poke";
+
+export function resolvePokeToken(options = {}) {
+  const { env = process.env } = options;
+  const loginToken = Object.hasOwn(options, "token") ? options.token : getToken();
+  return env.POKE_API_KEY || loginToken;
+}
+
+export function getPokeAuthToken() {
+  return resolvePokeToken();
+}
+
+export async function ensurePokeAuthenticated({ onLogin } = {}) {
+  if (!getPokeAuthToken() && !isLoggedIn()) {
+    onLogin?.();
+    await login();
+  }
+
+  const token = getPokeAuthToken();
+  if (!token) {
+    throw new Error("Authentication failed: no token returned by Poke SDK.");
+  }
+
+  return token;
+}

package/src/take-screenshot.js

@@ -2,7 +2,8 @@ import { execSync } from "node:child_process";
 import { readFileSync, unlinkSync } from "node:fs";
 import { join } from "node:path";
 import { tmpdir, platform } from "node:os";
-import { Poke, getToken, isLoggedIn, login } from "poke";
+import { isLoggedIn, login } from "poke";
+import { sendToWebhook } from "./webhook.js";
 
 export async function takeScreenshot() {
   if (platform() !== "darwin") {
@@ -15,12 +16,6 @@ export async function takeScreenshot() {
     await login();
   }
 
-  const token = getToken();
-  if (!token) {
-    console.error("Authentication failed: no token returned by Poke SDK.");
-    process.exit(1);
-  }
-
   const dest = join(tmpdir(), `poke-gate-screenshot-${Date.now()}.png`);
 
   console.log("Capturing screenshot...");
@@ -37,8 +32,7 @@ export async function takeScreenshot() {
   console.log(`Screenshot captured (${(png.length / 1024).toFixed(0)} KB). Sending to Poke...`);
 
   try {
-    const poke = new Poke({ token });
-    await poke.sendMessage(
+    await sendToWebhook(
       `Here is a screenshot of my screen right now. Reply me with the image.\n\n\`\`\`\ndata:image/png;base64,${base64}\n\`\`\``
     );
     console.log("Screenshot sent to Poke.");

package/src/tunnel.js

@@ -1,31 +1,12 @@
-import { PokeTunnel, getToken } from "poke";
-import { readFileSync, writeFileSync, mkdirSync } from "node:fs";
-import { join } from "node:path";
-import { homedir } from "node:os";
-
-const CONFIG_DIR = process.env.XDG_CONFIG_HOME || join(homedir(), ".config");
-const STATE_PATH = join(CONFIG_DIR, "poke-gate", "state.json");
+import { PokeTunnel } from "poke";
+import { loadState, saveState } from "./webhook.js";
 
 function log(msg) {
   const ts = new Date().toISOString().slice(11, 19);
   console.log(`[${ts}] ${msg}`);
 }
 
-function loadState() {
-  try {
-    return JSON.parse(readFileSync(STATE_PATH, "utf-8"));
-  } catch {
-    return {};
-  }
-}
-
-function saveState(state) {
-  mkdirSync(join(CONFIG_DIR, "poke-gate"), { recursive: true });
-  writeFileSync(STATE_PATH, JSON.stringify(state, null, 2));
-}
-
-async function cleanupStaleConnections() {
-  const token = getToken();
+async function cleanupStaleConnections(token) {
   if (!token) return;
   const base = process.env.POKE_API ?? "https://poke.com/api/v1";
   const state = loadState();
@@ -49,13 +30,13 @@ async function cleanupStaleConnections() {
     } catch {}
   }
 
-  saveState({});
+  const { webhookUrl, webhookToken } = loadState();
+  saveState({ webhookUrl, webhookToken });
 }
 
-export async function startTunnel({ mcpUrl, onEvent }) {
-  await cleanupStaleConnections();
+export async function startTunnel({ mcpUrl, token, onEvent }) {
+  await cleanupStaleConnections(token);
 
-  const token = getToken();
   if (!token) {
     throw new Error("No Poke auth token available for tunnel.");
   }
@@ -72,6 +53,7 @@ export async function startTunnel({ mcpUrl, onEvent }) {
     const history = state.connectionHistory || [];
     history.push(info.connectionId);
     saveState({
+      ...state,
       connectionId: info.connectionId,
       connectionHistory: history.slice(-10),
     });

package/src/webhook.js

@@ -0,0 +1,47 @@
+import { readFileSync, writeFileSync, mkdirSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+import { Poke } from "poke";
+import { getPokeAuthToken } from "./poke-auth.js";
+
+const CONFIG_DIR = process.env.XDG_CONFIG_HOME || join(homedir(), ".config");
+const STATE_PATH = join(CONFIG_DIR, "poke-gate", "state.json");
+
+export function loadState() {
+  try {
+    return JSON.parse(readFileSync(STATE_PATH, "utf-8"));
+  } catch {
+    return {};
+  }
+}
+
+export function saveState(state) {
+  mkdirSync(join(CONFIG_DIR, "poke-gate"), { recursive: true });
+  writeFileSync(STATE_PATH, JSON.stringify(state, null, 2));
+}
+
+export async function getWebhook() {
+  const state = loadState();
+  if (state.webhookUrl && state.webhookToken) {
+    return { webhookUrl: state.webhookUrl, webhookToken: state.webhookToken };
+  }
+
+  const token = getPokeAuthToken();
+  if (!token) throw new Error("No Poke auth token available.");
+
+  const poke = new Poke({ apiKey: token });
+  const result = await poke.createWebhook({ condition: "poke-gate", action: "poke-gate" });
+
+  const webhook = { webhookUrl: result.webhookUrl, webhookToken: result.webhookToken };
+  saveState({ ...state, ...webhook });
+  return webhook;
+}
+
+export async function sendToWebhook(message) {
+  const { webhookUrl, webhookToken } = await getWebhook();
+  const token = getPokeAuthToken();
+  if (!token) throw new Error("No Poke auth token available.");
+
+  const poke = new Poke({ apiKey: token });
+  return poke.sendWebhook({ webhookUrl, webhookToken, data: { message } });
+}

package/test/mcp-server-transport.test.js

@@ -0,0 +1,70 @@
+import assert from "node:assert/strict";
+import http from "node:http";
+import test from "node:test";
+
+import { startMcpServer } from "../src/mcp-server.js";
+
+function request({ port, method = "GET", path = "/", headers = {}, body }) {
+  return new Promise((resolve, reject) => {
+    const req = http.request({ hostname: "127.0.0.1", port, method, path, headers }, (res) => {
+      let data = "";
+      res.on("data", (chunk) => {
+        data += chunk;
+        if (headers.Accept === "text/event-stream") {
+          req.destroy();
+        }
+      });
+      res.on("end", () => resolve({ res, body: data }));
+      res.on("close", () => resolve({ res, body: data }));
+    });
+    req.on("error", (error) => {
+      if (headers.Accept === "text/event-stream") return;
+      reject(error);
+    });
+    if (body) req.write(body);
+    req.end();
+  });
+}
+
+test("MCP POST responses include session id header", async () => {
+  const { httpServer, port } = await startMcpServer();
+  try {
+    const { res, body } = await request({
+      port,
+      method: "POST",
+      path: "/mcp",
+      headers: {
+        "Content-Type": "application/json",
+        "Mcp-Session-Id": "session-1",
+      },
+      body: JSON.stringify({ jsonrpc: "2.0", id: 1, method: "tools/list", params: {} }),
+    });
+
+    assert.equal(res.statusCode, 200);
+    assert.equal(res.headers["mcp-session-id"], "session-1");
+    assert.equal(JSON.parse(body).result.tools.length > 0, true);
+  } finally {
+    httpServer.close();
+  }
+});
+
+test("MCP GET supports event stream transport", async () => {
+  const { httpServer, port } = await startMcpServer();
+  try {
+    const { res, body } = await request({
+      port,
+      path: "/mcp",
+      headers: {
+        Accept: "text/event-stream",
+        "Mcp-Session-Id": "session-2",
+      },
+    });
+
+    assert.equal(res.statusCode, 200);
+    assert.equal(res.headers["content-type"], "text/event-stream");
+    assert.equal(res.headers["mcp-session-id"], "session-2");
+    assert.match(body, /: connected/);
+  } finally {
+    httpServer.close();
+  }
+});

package/test/poke-auth.test.js

@@ -0,0 +1,16 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+
+import { resolvePokeToken } from "../src/poke-auth.js";
+
+test("POKE_API_KEY takes precedence over login token", () => {
+  assert.equal(resolvePokeToken({ env: { POKE_API_KEY: "from-env" }, token: "from-login" }), "from-env");
+});
+
+test("login token is used when POKE_API_KEY is not set", () => {
+  assert.equal(resolvePokeToken({ env: {}, token: "from-login" }), "from-login");
+});
+
+test("missing env and login token resolves to undefined", () => {
+  assert.equal(resolvePokeToken({ env: {}, token: undefined }), undefined);
+});